this post was submitted on 20 Sep 2024
247 points (95.9% liked)
Showerthoughts
30728 readers
1498 users here now
A "Showerthought" is a simple term used to describe the thoughts that pop into your head while you're doing everyday things like taking a shower, driving, or just daydreaming. The most popular seem to be lighthearted, clever little truths, hidden in daily life.
Here are some examples to inspire your own showerthoughts: 1
Rules
- All posts must be showerthoughts
- The entire showerthought must be in the title
- No politics
- If your topic is in a grey area, please phrase it to emphasize the fascinating aspects, not the dramatic aspects. You can do this by avoiding overly politicized terms such as "capitalism" and "communism". If you must make comparisons, you can say something is different without saying something is better/worse.
- A good place for politics is c/politicaldiscussion
- If you feel strongly that you want politics back, please volunteer as a mod.
- Posts must be original/unique
- Adhere to Lemmy's Code of Conduct
If you made it this far, showerthoughts is accepting new mods. This community is generally tame so its not a lot of work, but having a few more mods would help reports get addressed a little sooner.
Whats it like to be a mod? Reports just show up as messages in your Lemmy inbox, and if a different mod has already addressed the report the message goes away and you never worry about it.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Biometrics should be usernames, not passwords. Fingerprints, irises, faces, vocal patterns, all of it, no matter how good it is, only identifies the person trying to enter/use something and is somewhat easy to steal without their knowledge.
If you want true security you still need to ask for a passcode that only the now-identified user will know.
And yes, it is still possible to intercept the passcode at the moment that the user interacts with the locking mechanism, but that is completely different from grabbing it when they're randomly walking down the street, etc.
(Edit to add: I didn't think this needed to be explained, but I'm not saying biometrics should replace usernames, I'm saying they shouldn't have replaced passwords. And yes, you can still use biometrics in the authentication process to identify that it's you, i.e. your username, but you still need a password.)
What if you want to have more than one account with a provider, but you have only one face?
Are you serious or are you being pedantic and trolling? That doesn't change my point, your face shouldn't be the password to both accounts. It's pretty easy to add another step for multiple accounts.
Ok, but the providers will not offer such a service. I'd gladly take 2fa using biometrics and a password/passkey with my username working as it always has.
I'm not saying biometrics should replace all usernames. I'm saying that they should be used as usernames/identification at best.
I have the same username at multiple websites...
The only form of authentication that will work long term is to run a hash on the entire person.
Basically instead of authenticating that it is the same person, you authenticate that whatever is attempting access shares enough characteristics with that person to use the resource in the same way.
Like, a perfect transporter clone of me can get access to my stuff, but it’s okay because he’s got my same goals and moral constraints.